On an ASA 5500 I have setup basic extended access-lists (eg access-list inside_access_out)
My connections work, however I am seeing alot of Denies such as:
Deny tcp src 192.168.1.1/80 to 192.168.2.1:65535 which is the reply to a connection started on the internal interface.
Even with the denies, the connections still work but I don't know why i am seeing these. I have applied the access-lists to access-groups using the access-group "in" interface inside
Can anyone also tell me how ASA regards inbound/outbound to an interface? Is inbound describing a packet coming into an interface externally or through the firewall, say from inside interface to outside interface